def run(**kwds):
"""helper to take in user opts, return rounds used in password"""
user = FakeUser(**kwds)
user.set_password("stub")
return sha256_crypt.from_string(user.password).rounds
def run(**kwds):
"""helper to take in user opts, return rounds used in password"""
user = FakeUser(**kwds)
user.set_password("stub")
return sha256_crypt.from_string(user.password).rounds
def get_cc_rounds(**kwds):
"helper for testing category funcs"
user = FakeUser(**kwds)
user.set_password("placeholder")
return sha256_crypt.from_string(user.password).rounds
def test_10_genconfig_settings(self):
"test genconfig() honors policy settings"
cc = CryptContext(policy=None, **self.sample_policy_1)
# hash specific settings
self.assertEqual(
cc.genconfig(scheme="nthash"),
'$NT$00000000000000000000000000000000',
)
self.assertEqual(
cc.genconfig(scheme="nthash", ident="3"),
'$3$$00000000000000000000000000000000',
)
# min rounds
self.assertEqual(
cc.genconfig(rounds=1999, salt="nacl"),
'$5$rounds=2000$nacl$',
)
self.assertEqual(
cc.genconfig(rounds=2001, salt="nacl"),
'$5$rounds=2001$nacl$'
)
#max rounds
self.assertEqual(
cc.genconfig(rounds=2999, salt="nacl"),
'$5$rounds=2999$nacl$',
)
self.assertEqual(
cc.genconfig(rounds=3001, salt="nacl"),
'$5$rounds=3000$nacl$'
)
#default rounds - specified
self.assertEqual(
cc.genconfig(scheme="bsdi_crypt", salt="nacl"),
'_N...nacl',
)
#default rounds - fall back to max rounds
self.assertEqual(
cc.genconfig(salt="nacl"),
'$5$rounds=3000$nacl$',
)
#default rounds - out of bounds
cc2 = CryptContext(policy=cc.policy.replace(
bsdi_crypt__default_rounds=35))
self.assertEqual(
cc2.genconfig(scheme="bsdi_crypt", salt="nacl"),
'_S...nacl',
)
# default+vary rounds
# this runs enough times the min and max *should* be hit,
# though there's a faint chance it will randomly fail.
from passlib.hash import bsdi_crypt as bc
cc3 = CryptContext(policy=cc.policy.replace(
bsdi_crypt__vary_rounds = 3))
seen = set()
for i in xrange(3*2*50):
h = cc3.genconfig("bsdi_crypt", salt="nacl")
r = bc.from_string(h).rounds
seen.add(r)
self.assertTrue(min(seen)==22)
self.assertTrue(max(seen)==28)
# default+vary % rounds
# this runs enough times the min and max *should* be hit,
# though there's a faint chance it will randomly fail.
from passlib.hash import sha256_crypt as sc
cc4 = CryptContext(policy=cc.policy.replace(
all__vary_rounds = "1%"))
seen = set()
for i in xrange(30*50):
h = cc4.genconfig(salt="nacl")
r = sc.from_string(h).rounds
seen.add(r)
self.assertTrue(min(seen)==2970)
self.assertTrue(max(seen)==3000) #NOTE: would be 3030, but clipped by max_rounds
def get_cc_rounds(**kwds):
"helper for testing category funcs"
user = FakeUser(**kwds)
user.set_password("placeholder")
return sha256_crypt.from_string(user.password).rounds
